Learn more about these different git repos.
Other Git URLs
When a user first logs in, GNOME Keyring takes the password and creates a login keyring encrypted with this password. But when OTP is involved, the password is different everytime.
If a user migrates to OTP after having logged in, then he has to unlock the keyring manually. If the user first logs in with OTP, however, then the keyring can never be unlocked in the future without the original OTP code.
The solution is not to combine the password and OTP into a single text field entry. This way both values can be reported to the KDC, but only the password will be used for interaction with GNOME Keyring. This would also have the welcome side-effect of clarifying the UI for general OTP usage.
Also related to the ticket #2221, #2222
milestone: NEEDS_TRIAGE => SSSD 1.13 beta rhbz: => todo
Fields changed
mark: => 1
Subtask of the OTP prompting, should stay in 1.13
milestone: SSSD 1.13 beta => SSSD 1.13 backlog
Mass-moving tickets not planned for the 1.13 release to 1.14
milestone: SSSD 1.13 backlog => SSSD 1.14 beta
I think this ticket can be closed as a duplicate of #2335 which is already fixed.
sensitive: => 0
I agree.
resolution: => duplicate status: new => closed
rhbz: todo => 0
Metadata Update from @npmccallum: - Issue set to the milestone: SSSD 1.14 beta
SSSD is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in SSSD's github repository.
This issue has been cloned to Github and is available here: - https://github.com/SSSD/sssd/issues/3320
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Login to comment on this ticket.